Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3XeXSNOHEwr1iigSq-Lf9pGi5-w.roa
File: 3XeXSNOHEwr1iigSq-Lf9pGi5-w.roa (raw, json)
Hash identifier: j+Y6lKJU8d2MogCuK/yKzFluCvZ/y/pRg/6pJDew/Ak=
Subject key identifier: DD:77:97:48:D3:87:13:0A:F5:8A:28:12:AB:E2:DF:F6:91:A2:E7:EC
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C3E6FF979B5BA217537A4CAA2A9677FF4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3XeXSNOHEwr1iigSq-Lf9pGi5-w.roa
Signing time: Wed 06 Dec 2023 09:22:54 +0000
ROA not before: Wed 06 Dec 2023 09:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.22.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Dec 2023 18:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:6f:f9:79:b5:ba:21:75:37:a4:ca:a2:a9:67:7f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 6 09:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd779748d387130af58a2812abe2dff691a2e7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:27:7f:9e:ce:95:5f:e0:9a:cf:1d:8b:17:44:
98:73:2f:63:a1:62:0f:2b:fc:d2:25:ac:e1:1d:db:
52:68:9d:17:03:1e:8b:ad:b8:d0:c0:6f:a8:bb:3e:
4a:74:f5:46:37:6f:0f:92:31:b3:45:e6:fc:c9:59:
6e:11:13:60:12:cf:3c:12:14:5b:98:98:bb:95:17:
85:42:79:e7:28:e6:a3:97:2b:dd:8b:61:5c:2f:1c:
8e:c1:e3:c0:23:7e:e4:d7:fa:d4:17:34:e4:0e:ee:
25:4f:7e:9e:1c:3c:69:e7:8c:75:a3:58:9d:48:10:
8c:96:aa:ca:f1:03:d8:31:a5:3b:bf:93:d9:23:4f:
0a:53:49:dd:b8:85:ae:68:86:96:d2:28:d7:98:05:
dd:93:88:80:ed:68:98:e6:72:11:cb:a9:36:ec:cf:
1b:a6:d0:ab:b1:f8:12:02:e0:b0:f9:02:69:64:8d:
a5:96:16:be:24:d6:39:22:3b:64:6e:cd:ee:57:4e:
6d:7b:7a:c8:0f:e4:97:1c:7c:fc:4a:dc:34:12:3c:
e6:ae:c4:a3:bb:47:c8:5f:ef:96:40:9d:71:d0:de:
bd:22:56:06:19:2a:7f:cb:2c:81:2e:a8:bc:d1:cb:
ea:31:d3:13:e8:62:d1:7e:a7:f2:65:4e:cc:ab:00:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:77:97:48:D3:87:13:0A:F5:8A:28:12:AB:E2:DF:F6:91:A2:E7:EC
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3XeXSNOHEwr1iigSq-Lf9pGi5-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.22.0/24
89.185.24.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
40:e5:fa:bb:bf:f3:67:80:68:79:cc:30:ef:a3:bb:57:f3:c0:
df:04:7f:f9:52:5f:12:25:04:31:5b:72:7d:c2:84:9c:f2:21:
65:62:ef:43:e1:69:b4:32:36:86:a3:d3:23:f1:9d:56:8c:61:
9f:92:d7:e8:85:ff:6a:68:ce:f0:6a:c7:c3:76:fb:c7:99:41:
e6:a9:14:1c:4b:54:f9:f8:8b:d7:99:d9:3e:81:36:13:ea:8c:
0c:bf:a0:46:af:6a:22:e7:aa:c5:14:9b:df:1e:c3:0e:ef:7e:
c9:b3:0c:2c:10:aa:45:43:a8:d6:ec:81:85:02:8e:d4:5f:08:
e0:0f:92:d7:89:89:3c:83:a8:bf:5e:84:66:bd:71:23:65:e2:
5b:c3:bb:24:0a:88:7f:e5:2f:74:76:d4:1c:d6:c3:3a:66:52:
39:48:fb:df:b4:51:aa:ac:38:e2:0d:8d:75:d6:33:08:26:0c:
a6:70:6d:af:d2:d0:11:46:5c:de:91:80:fe:5a:93:c5:54:e6:
78:08:ab:d0:66:98:b0:c7:1d:a5:e4:24:e4:9c:02:d2:48:33:
96:3a:b8:cc:30:b8:e6:5c:7a:97:42:d0:f5:87:4e:49:80:35:
b6:01:ce:2e:84:78:5e:58:9d:31:e9:ce:a4:90:aa:c6:a8:4a:
f3:5f:eb:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYw+b/l5tbohdTekyqKpZ3/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjA2MDkyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc3OTc0OGQzODcxMzBhZjU4YTI4MTJhYmUyZGZmNjkxYTJlN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Cd/ns6VX+Cazx2LF0SYcy9joWIP
K/zSJazhHdtSaJ0XAx6LrbjQwG+ouz5KdPVGN28PkjGzReb8yVluERNgEs88EhRb
mJi7lReFQnnnKOajlyvdi2FcLxyOwePAI37k1/rUFzTkDu4lT36eHDxp54x1o1id
SBCMlqrK8QPYMaU7v5PZI08KU0nduIWuaIaW0ijXmAXdk4iA7WiY5nIRy6k27M8b
ptCrsfgSAuCw+QJpZI2llha+JNY5Ijtkbs3uV05te3rID+SXHHz8Stw0EjzmrsSj
u0fIX++WQJ1x0N69IlYGGSp/yyyBLqi80cvqMdMT6GLRfqfyZU7MqwDO4wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN13l0jThxMK9YooEqvi3/aRoufsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvM1hlWFNOT0hFd3IxaWlnU3EtTGY5cEdpNS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDURaIAwQC
WbkAAwQAWbkWAwQCWbkYAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQBA
5fq7v/NngGh5zDDvo7tX88DfBH/5Ul8SJQQxW3J9woSc8iFlYu9D4Wm0MjaGo9Mj
8Z1WjGGfktfohf9qaM7wasfDdvvHmUHmqRQcS1T5+IvXmdk+gTYT6owMv6BGr2oi
56rFFJvfHsMO737JswwsEKpFQ6jW7IGFAo7UXwjgD5LXiYk8g6i/XoRmvXEjZeJb
w7skCoh/5S90dtQc1sM6ZlI5SPvftFGqrDjiDY111jMIJgymcG2v0tARRlzekYD+
WpPFVOZ4CKvQZpiwxx2l5CTknALSSDOWOrjMMLjmXHqXQtD1h05JgDW2Ac4uhHhe
WJ0x6c6kkKrGqErzX+uW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org